Sign-on information

Summary of 910 - IT Security Risk Management Boot Camp


Session(s)
Name
Start
End
910 - English, May
2021-05-10
  2021-05-14  
910 - English, July
2021-07-12
  2021-07-16  
910 - English, August
2021-08-16
  2021-08-20  
910 - English, October
2021-10-18
  2021-10-22  
910 - French, November
2021-11-15
  2021-11-19  
910 - English, January
2022-01-10
  2022-01-14  
910 - English, March
2022-03-14
  2022-03-18  

Course Description

All Government of Canada (GC) departments and agencies transmitting, storing or processing sensitive government information must be protected by systems that have been developed, acquired and evaluated according to recognized standards and implemented in accordance with GC policies and directives.

This boot camp will provide participants with the overall concepts of IT security risk management for the GC and the foundational knowledge and guidelines needed to contribute to the development of security control profiles. It will also highlight the integration of IT security risk management within the System Development Lifecycle (SDLC) as described in ITSG-33.

This boot camp consists of the following foundational courses:

  • 104 – IT Security Risk Management: A Lifecycle Approach (ITSG-33)
  • 105 – Information System Security Implementation Process (ISSIP)*
  • 701 – IT Security Risk Management and Security Control Profiles*

 * Courses 105 and 701 are no longer offered on our public schedule.

Course Objectives

This course will provide you with a high-level appreciation of the key concepts and processes of cross domain solutions. It will help you plan and understand the business requirements for cross domains solutions when the need arises for information sharing between security domains.

  • Apply IT security risk management within the GC context
  • Identify the initial steps to integrating risk management guidance within your department
  • Describe the ISSIP and why it is required
  • Situate the ISSIP within the ITSG-33 security risk management process
  • Describe all the ISSIP activities
  • Complete key ISSIP activities
  • Interpret departmental threat & risk assessments
  • Identify business domains
  • Define IT security approaches
  • Identify relevant common criteria
  • Develop departmental security control profiles

Price

$2000

Duration

4 days

Delivery Method

In-class:  four straight days, usually from Monday to Thursday.
WEBEX (virtual): in two blocks of two days, usually over a period of two weeks

Target Audience

Project/Program Managers, IT Security Designers, Architects, Engineers and Managers

Prerequisites

Course 601 – Introduction to IT Security Management [e-learning]


 1-833-645-3276
 education@cyber.gc.ca